ActiveDirectory/PostfixDovecot: различия между версиями
| Строка 9: | Строка 9: | ||
samba-tool user add -W Users vmail | samba-tool user add -W Users vmail | ||
== Настройка Postfix == | |||
apt-get install postfix-ldap | apt-get install postfix-ldap | ||
=== Изменение файлов === | |||
В каталоге {{path|/etc/postfix}} изменяем файлы для домена {{term|test.alt}}: | |||
==== main.cf ==== | |||
<source lang="ini"># Global Postfix configuration file. This file lists only a small subset | |||
# of all parameters. For the syntax, and for a complete parameter list, | |||
# see the postconf(5) manual page. For a commented and more complete | |||
# version of this file see /etc/postfix/main.cf.dist | |||
mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME | |||
inet_protocols = ipv4 | |||
sender_bcc_maps = | |||
recipient_bcc_maps = | |||
relay_domains = | |||
smtpd_sasl_local_domain = test.alt | |||
virtual_mailbox_domains = test.alt | |||
transport_maps = hash:/etc/postfix/transport | |||
# Used to verify sender. | |||
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ad_sender_login_maps.cf</source> | |||
==== ad_sender_login_maps.cf ==== | |||
<source lang="ini">server_host = test.alt | |||
server_port = 389 | |||
version = 3 | |||
bind = yes | |||
start_tls = no | |||
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt | |||
bind_pw = Pa$$word | |||
search_base = cn=Users,dc=test,dc=alt | |||
scope = sub | |||
query_filter = (&(userPrincipalName=%s)(objectClass=person)(!(userAccountControl=514))) | |||
result_attribute= userPrincipalName | |||
debuglevel = 0</source> | |||
==== ad_virtual_group_maps.cf ==== | |||
<source lang="ini">server_host = test.alt | |||
server_port = 389 | |||
version = 3 | |||
bind = yes | |||
start_tls = no | |||
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt | |||
bind_pw = Pa$$word | |||
search_base = cn=Users,dc=test,dc=alt | |||
scope = sub | |||
query_filter = (&(objectClass=group)(mail=%s)) | |||
special_result_attribute = member | |||
leaf_result_attribute = mail | |||
result_attribute= userPrincipalName | |||
debuglevel = 0</source> | |||
==== ad_virtual_mailbox_maps.cf ==== | |||
<source lang="ini">server_host = test.alt | |||
server_port = 389 | |||
version = 3 | |||
bind = yes | |||
start_tls = no | |||
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt | |||
bind_pw = Pa$$word | |||
search_base = cn=Users,dc=test,dc=alt | |||
scope = sub | |||
query_filter = (&(objectclass=person)(userPrincipalName=%s)) | |||
result_attribute= userPrincipalName | |||
result_format = %d/%u/Maildir/ | |||
debuglevel = 0</source> | |||
==== transport ==== | |||
<source lang="text">test.alt dovecot</source> | |||
=== Запуск postmap === | |||
postmap hash:/etc/postfix/transport | |||
=== Тестируем работу === | |||
Проверка пользователя почты {{term|petrov}}: | |||
<source lang="text"># postmap -q petrov@test.alt ldap:/etc/postfix/ad_virtual_mailbox_maps.cf | |||
test.alt/petrov/Maildir/</source> | |||
Проверка входа: | |||
<source lang="text"># postmap -q petrov@test.alt ldap:/etc/postfix/ad_sender_login_maps.cf | |||
petrov@test.alt</source> | |||
Проверка общего адреса e-mail: | |||
<source lang="text"># samba-tool group add --mail-address=sales@test.alt Sales | |||
Added group Sales | |||
# samba-tool group addmembers Sales ivanov,petrov | |||
Added members to group Sales | |||
# postmap -q sales@test.alt ldap:/etc/postfix/ad_virtual_group_maps.cf | |||
ivanov@test.alt,ivanov@test.alt,petrov@test.alt,petrov@test.alt</source> | |||
=== Настройка Dovecot === | === Настройка Dovecot === | ||
Версия от 18:08, 4 февраля 2016
Настройка Postfix для аутентификации пользователей в Active Directory.
Настройка
Создание пользователя в Active Directory
samba-tool user add -W Users vmail
Настройка Postfix
apt-get install postfix-ldap
Изменение файлов
В каталоге /etc/postfix изменяем файлы для домена test.alt:
main.cf
# Global Postfix configuration file. This file lists only a small subset
# of all parameters. For the syntax, and for a complete parameter list,
# see the postconf(5) manual page. For a commented and more complete
# version of this file see /etc/postfix/main.cf.dist
mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME
inet_protocols = ipv4
sender_bcc_maps =
recipient_bcc_maps =
relay_domains =
smtpd_sasl_local_domain = test.alt
virtual_mailbox_domains = test.alt
transport_maps = hash:/etc/postfix/transport
# Used to verify sender.
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ad_sender_login_maps.cf
ad_sender_login_maps.cf
server_host = test.alt
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt
bind_pw = Pa$$word
search_base = cn=Users,dc=test,dc=alt
scope = sub
query_filter = (&(userPrincipalName=%s)(objectClass=person)(!(userAccountControl=514)))
result_attribute= userPrincipalName
debuglevel = 0
ad_virtual_group_maps.cf
server_host = test.alt
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt
bind_pw = Pa$$word
search_base = cn=Users,dc=test,dc=alt
scope = sub
query_filter = (&(objectClass=group)(mail=%s))
special_result_attribute = member
leaf_result_attribute = mail
result_attribute= userPrincipalName
debuglevel = 0
ad_virtual_mailbox_maps.cf
server_host = test.alt
server_port = 389
version = 3
bind = yes
start_tls = no
bind_dn = cn=vmail,cn=Users,dc=test,dc=alt
bind_pw = Pa$$word
search_base = cn=Users,dc=test,dc=alt
scope = sub
query_filter = (&(objectclass=person)(userPrincipalName=%s))
result_attribute= userPrincipalName
result_format = %d/%u/Maildir/
debuglevel = 0
transport
test.alt dovecot
Запуск postmap
postmap hash:/etc/postfix/transport
Тестируем работу
Проверка пользователя почты petrov:
# postmap -q petrov@test.alt ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
test.alt/petrov/Maildir/
Проверка входа:
# postmap -q petrov@test.alt ldap:/etc/postfix/ad_sender_login_maps.cf
petrov@test.alt
Проверка общего адреса e-mail:
# samba-tool group add --mail-address=sales@test.alt Sales
Added group Sales
# samba-tool group addmembers Sales ivanov,petrov
Added members to group Sales
# postmap -q sales@test.alt ldap:/etc/postfix/ad_virtual_group_maps.cf
ivanov@test.alt,ivanov@test.alt,petrov@test.alt,petrov@test.alt